| AdminBot | 14.02.2010 23:16 |
Security Essentials 2010 entfernen
Liste der Anhänge anzeigen (Anzahl: 7) Security Essentials 2010 entfernen Was ist Security Essentials 2010?
Security Essentials 2010 gehört zur selben Rogue Anti-Spyware wie Internet Security 2010 und ist eine weitere gefälschte Scan-Software, die mittels eines trojanischen Pferdes in den PC eindringt und weissmacht, den PC nach Malware abzusuchen. Diese Software ist ein Fake und selbst eine Schadsoftware und sollte nicht gekauft werden.
Verbreitet wird Security Essentials 2010 nicht mehr ausschliesslich über 'dubiose Seiten' für Cracks, KeyGens und Warez, sondern auch seriöse Seiten werden zunehmend für die Verbreitung dieser mißbraucht ( http://www.trojaner-board.de/90880-d...tallation.html). http://www.trojaner-board.de/attachm...ntfernen-1.jpg http://www.trojaner-board.de/attachm...ntfernen-2.jpg http://www.trojaner-board.de/attachm...ntfernen-3.jpg http://www.trojaner-board.de/attachm...ntfernen-4.jpg Symptome von Security Essentials 2010:- Ständie Warnmeldungen
- Desktop Hijacking
- PC läuft langsamer
http://www.trojaner-board.de/attachm...ntfernen-5.jpg http://www.trojaner-board.de/attachm...ntfernen-6.jpg http://www.trojaner-board.de/attachm...ntfernen-7.jpg Your computer is infected! Windows has detected an infection of spyware! It is recommended to use special antispyware tools to prevent data loss. Windows will now download and install the most up-to-date antispyware for you.
Click here to protect your computer from spyware!
Attention! System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. You private information and PC safety is at risk. To get rid of unwanted spyware and keep your computer safe you need update your current security software. Click OK to download official intrusion detection system (IDS software)
ERROR
Application Error.The instruction at 0x009a6f9a referenced memory at 0x00000000. The memory could not be written.Click on OK to terminate the program.
Security Warning!
Worm.Win32.NetSky detected on your machine.
This virus is distributed via the Internet through e-mail and Active-x objects.
The worm has its own SMTP engine which means it gathers e-mails from your local computer and re-distributes itself.
In worst cases this worm can allow attachers to access your computer, stealing passwords and personal data.
Viruses can damage your confidential data and work on your computer.
Continue working in unprotected mode is very dangerous.
System warning!
Continue working in unprotected mode is very dangerous. Viruses can damage your confidential data and work on your computer. Click here to protect your computer.
Critical Warning!
Critical System Warning! Your system is probably infected with a version of Trojan-Spy.HTML.Visafraud.a. This may result in website access passwords being stolen from Interner Explorer, Mozilla Firefox, Outlook etc. Click Yes to scan and remove threats. (recommended)
Dateien von Security Essentials 2010: Code:
c:\s
c:\Program Files\Securityessentials2010\
c:\Program Files\Securityessentials2010\SE2010.exe
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Security essentials 2010.lnk
%UserProfile%\Desktop\Security essentials 2010.lnk
%UserProfile%\Start Menu\Security essentials 2010.lnk
c:\WINDOWS\system32\41.exe
c:\WINDOWS\system32\helpers32.dll
c:\WINDOWS\system32\smss32.exe
c:\WINDOWS\system32\warnings.html
c:\WINDOWS\system32\winlogon32.exe
Registry-Einträge von Security Essentials 2010: Code:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\buy-security-essentials.com
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-soft-package.com
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-software-package.com
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\get-key-se10.com
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\is-software-download.com
HKEY_CURRENT_USER\Software\SE2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\buy-security-essentials.com
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\get-key-se10.com
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop "NoChangingWallpaper" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoActiveDesktopChanges" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoSetActiveDesktop" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Security essentials 2010"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "smss32.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop "NoChangingWallpaper" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer "NoActiveDesktopChanges" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer "NoSetActiveDesktop" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "smss32.exe"
Security Essentials 2010 im HijackThis-Log: Code:
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\winlogon32.exe
O4 - HKLM\..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe
O4 - HKCU\..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe
O4 - HKCU\..\Run: [Security essentials 2010] C:\Program Files\Securityessentials2010\SE2010.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10c.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\helpers32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\helpers32.dll
O15 - Trusted Zone: http://*.buy-security-essentials.com
O15 - Trusted Zone: http://*.download-soft-package.com
O15 - Trusted Zone: http://*.download-software-package.com
O15 - Trusted Zone: http://*.get-key-se10.com
O15 - Trusted Zone: http://*.is-software-download.com
O15 - Trusted Zone: http://*.buy-security-essentials.com (HKLM)
O15 - Trusted Zone: http://*.get-key-se10.com (HKLM)
| 